PyCipher is a focused local password manager for Python. It stores passwords in an encrypted vault protected by a master password, and it also includes a strong password generator for day to day CLI use.
The goal of the project is simple: keep password management local, scriptable, and easy to trust.
- Encrypted local vault backed by
cryptography - Master-password unlock flow
- CLI commands to initialize, add, retrieve, list, and remove entries
- Secure password generation with policy controls
- Ambiguous character filtering for safer manual use
- Installable package with a
pyciphercommand - Test coverage for password generation and vault handling
- Python 3.11+
cryptography
pip install .After installation, use:
pycipher --helpYou can also run the compatibility entrypoint:
python main.py --helpCreate a new encrypted vault:
pycipher initGenerate a password without storing it:
pycipher generate --length 24Store a generated password in the vault:
pycipher add github --username alex@example.com --generate --length 24List stored services:
pycipher listRetrieve an entry:
pycipher get github --show-passwordRemove an entry:
pycipher remove githubBy default the vault is stored at:
~/.pycipher/vault.json
You can override it with --vault:
pycipher --vault /path/to/vault.json listPyCipher supports practical password policies:
--length--no-lowercase--no-uppercase--no-digits--no-symbols--allow-ambiguous
Example:
pycipher generate --length 32 --no-symbols- The vault is encrypted locally before being written to disk.
- Master passwords are never stored in the repository or config files.
- Vault files are written with restrictive permissions when supported by the host OS.
- PyCipher is designed as a local CLI tool, not a cloud sync service.
Run the test suite with:
PYTHONPATH=src python -m unittest discover -s tests- Entry update command
- Tags and search filters
- Clipboard integration with timed clear
- Import and export helpers for migration
This project is licensed under the MIT License.